This page is served with a report-uri in its CSP header, and content that violates the policy.
<script>
console.log('This should be blocked by the Content-Security-Policy, and reported to the value in report-uri.');
</script>
